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I (57) Abstract 



In a method and a de- 
! vice for partial encryption and 
progressive transmission of im- 
CTw section of ttw un- 
file is compressed at .educed 
quality without decryption, and 
a second section of the .mage 
filefcencryptcd. Users having 

^tolpp"»Pri» tede f? pt,0n 
^Tocds can decrypt th.s sec- 
oXStion. The first section 
together with the decrypted sec- 
StioncandKnbeview«i 

a7a full qumity Una^. The star- 
age space required for storing *e 

first ^section togemeris w- 
sentially the same as the stor 
«rs P ace required for storing 
the unerK^yrMcd full quality^ 

aee By using the method and 
I device as described herein stor- 
aee and bandwidth requirements 
' for partially encrypted images is 
reduced. Furthermore, object 
based composition and process- 
ing of encrypted Ejects are fa- 
cilitated, and ROIs can be en- 
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A METHOD AND A DEVICE FOR ENCRYPTION OF IMAGES 

relates co a method an, a device for 

encrypting images. 

BACKGRODND OF THE INVENTION AND PRIOR ART 

BACKGROUND technical field which becomes 

Encryption of digital aaua i» r^ a n„ r OT - 

i,Jrtant when transmitting and storing secret information or 
formation which only shall be available to a user paying tor 
information. Thus, several methods for encrypting digital 
are in freguent use. Such methods can also he applied also 
to digital image data. Examples of encryption methods are t>ES. 
triple DES and the public-key RSA method. 

be distributed using a ^^^ZeTs^ro, that suits 
servic e t^lt it might be suitable to 

their business model . In aceess tQ 

ot£ er P«tial acc r: to on -of ~ ^ ^ ^ ^ 

rrtaHnlrr to prevent all users from having full access 
to all image data. 

v~ offered for sale on the Internet. 
se „s P^ographs can e^g b ^ . 

The service provider wcui evaluation, 
version of the image with reduced quality *« ~ =e ^ 

journal, that want to publish an image, pay for th 
"eThen allowed to download a full quality image. 

„ ,.rvice provider wants to minimize storage space 
However, such a service provi hc alcein atively 

^ download bit rates. *n image ^'^.^ „ gi ven 
„ant to distribute images on e.g. • aC a 

a „ a y or sold for a low price. Customers can -w ^ ^ 

reduced guality, but they must pay^ « ' ^ ^ s „ rage 

ouality. m the case the image provider wan 

Ta/e on the CD-ROM as efficiently as possible. 
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It is also essential that customers always can aooess 
^ing user friendly, standardise* software. !«. providers are 
reluctant to design and support special image viewers and 
customers don't want a proliferation o£ viewing tools. 

Presently, image providers nave to store two versions of the 
images stored. The full quality version is stored a an 
encrypted image file. This means that the image first is 
compressed and stored in a compressed file format such ^ 
or GIF The compressed file is then encrypted using a suitable 
^ion too7and an encrypted image file is stored The user 
.jTfirst decrypt this file and then access 
compressed image file using an i*age viewing tool Reduced 
ouality images are produced by processing the full quality ^ 
C an image editing program. They are stored as separate 
compressed image files. 

Th e problems with this solution are that at least 

Z of the seine linage need to be stored, and that both 
^st alsHe transmitted over the network in case of 
versions must f ^ £irst ^s to see the free 

remote access in the case a resolution 
low resolution image before paying for the full 

version. 

„ im if leant disadvantage if the reduced 
Tois results in a signif leant ° 

version image contains a lar* fract ^ ^ 

^formation. Images thatar off 

in particular be provided for previ ^standing of 

— Tcept only he highest quality for 

££T r^ducTd qSty image could require 10-50* of the 
storage space of the full quality image. 

.rthermore. the emerging still ^^^^ 

v described in Charilaos Christopoux 

which is describe includes many new 

Verification Model Version 2.0, ^ coding 

penalities in comparison - ^ creating . 

rs-^ — — Each application domai * 
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can select a suitable progression mode. Individual objects 
ZZ images can be accessed separately in the «BC 2000 
oxtstream and progressive transmission can be applied also to 
objects, in JPEG 2000 there is also support tor xndependently 
decodaJble coding units. 

SUMMARY 

It is an object of the present invention to overcome the 
problems as outlined above and in particular to reduce the 
promems fn / stor ina an image, which partially 

amount of memory required for storing an un g 

shall be possible to view, and also to reduce transmission time 
in a transmission scheme transmitting partially encrypted 
images. 

This object and others are obtained by a technique for partial 
Encryption and progressive transmission o£ images where a first 
sectfon of the Lags file can be depressed at reduced quality 
without decryption, i.e. the first low quality image - not 
Encrypted, and where a second section of the xmage fxle xs 
encrypted . 

users -ng access tc ^^J^^Z Z 
decrypt this second sectxor. The fx _ ^ ^ 

decrypted second sectxon can then ^ 
image. The storage J ^ ^ storage space 

section together xs -"^^ £ull ^ image. The 
squired for storxng the ing on C he 

encryption of the second sectxon ^ ^ ^ ^ 

encryption method, imply a sugiu- f 
Tctfon cohered to the unencrypted second sectxon. 

can also be partitioned into multiple sections where 
The image can also be P individual encryptxon 

each section may be -^/ ^ be stored ^encrypted. 
m ethod and Keyword. Some ~<=tx y ^ 

M i^^^;^ consist of a set of 

" possible to perform encryption 

Lain without performing entropy 
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» reduced quality iaage can be produced according to several 
different main schemes, such as: 

1) Reduced resolution 

2) Reduced accuracy o£ the transfer, coefficients 

3, Exclusion of predefined regions of interest (ROD 

.ethods can be coined so that a reduced quality i*ag. is 

, . . v, -resolution and the accuracy 

e.g. produced by reduexng both the resoxutio 

of the transform coefficients. 

B y using the method and device for storing and transiting 
iLge oata as described herein, several advantages are obtained. 
•ST there is no need to store two different versions of an 

if different users are to have access to different guality 
oTthe one end sa»e iuage. Also, transmission ti»es become , «* 
ot cue ^ Fir-fit low resolution, 

image data. 

™ntronTili™b S e described in detail end 

lith reference to the eocompenying drewings. in which. 



- Fig 
Figs 



«t»1 view of the file structure of an image. 
\: S rr:tre:=ryption - i^es — according to 

^ r. f-Thlrt illustrating some steps carried out 

"TirtTstdirgrrrilustrating a client server process. 



- Pig 

- Fig. 



5 is a view of an encryption header 



DETAILED DESCRIPTION structU re of an original, 

in Fig. 1. a general view of the file ^ 
hig h resolution,^, , i ; decodable coding 
consists of a number of different 1 P showI1 in pig. 

sections 101, 103 and 105. * t£ = ^ ^ & ^ 

l# th e section 101 ^ / J ^ encryption and will therefore 

resolution image, is coaea w 

be possible to decode by any receiver. 
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The section 103, which comprises data, which combined with the 
The section i , ^ resolution verslon of 

data of sectxon 101, resul f±rst encryption 

section 103 . 

. j a1 . 3 which combined with the 

rrh* section 105, which comprises data, wna.cn co 

o £ section 10X and ,03 results in a ful! resolutxon versron 
or the high resolution image, is encrypted using a second 
election method, and oniy receivers having access to the 
encryption Hey wiU he ahle to decode the data stored „ the 



section 105. 



^- „ ^ hhe section 101 will result in a low 
Thus, decoding of Decryption 109 and decoding of the 

101 rr- - reronT™ ss 1 -* - ^ ~ 

" sectLs i0, and 103 resuit in a £ ull resoiution ^ge 



115. 



^ther-re, Cementation in ---^T. 
«• - eath coding unit o £ the ^ 

ro^rrJcan r *— - - - ^ a ~ de 

rLge o £ progressive modes can he supported. 

» reEG ,000 verification model V f ^^tV"*^ ^ 
U. hitstream that ^l^^TZ^ as any 
subband. in general, a coding unit can ^ tj _ oa . The general 

gently ^^~^T^L is to include so 

rr^T^uL the -border is 

^Hicient to specify the suhban * * „ that 

=s — - - - 

Reeded for inserting explicit tags. 
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in Figs. 2a and 2b block diagrams describing how encryption can 
be implemented in the JPEG 2000 encoder and decoder 
respectively, are shown. 

Thus in Fig 2a a block diagram where encryption is performed 
arte; entro P y coding in the encoder is shown. Coding units enter 
^ entropy Coding block 201. In the block 201 coding the codrng 
ZZ are entropy coded using some suitable entropy code^ The 
« from the block 201 is fed to a selector whrch selects a 
suitable encryption method for each entropy coded codmg unrt. 
sle coding units can be selected to not be encrypted at all. 

In response to the selection made in the selector 203 the 
Iropy coded coding units are encrypted in a block 205. The 
LryPted coding units together with the not «™*«*-» 
unltf then form a combined output data stream. wh,ch can be 
stored or transmitted. 

in Fig 2b a decoder for decoding the bit stream generated by 
in Frg. 2b £irsc en=rypte d and not 

whxch selects a received coding unit is not 

coded coding unit, or if the receive a 
encrypted it is directly transmitted to a block 255. 

„ to the selection made in the selector 255 the 
in response to the seiec using a 

, , codinq units are decrypted m a dj.oo 
entropy coded coamy ^ . , rnfiinC( units are 

~ :i: l -~ - —Tor: rsr 

bl ock 253 are entropy decoded an * ° ^ which is fe d 

output data stream corresponding to the data 
to the entropy coding block 201 in Fig. 2a. 

,-v,- t- remission scheme as shown in the 
Ea ch coding unit - ^ ™^ independently encrypted block. 
Figs. 2a and 2b is handled as an md p h user 

E ach coding unit can also be encrypted ^ image 

supplied encryption method. Different Jods. The 

w ^ted with different encryption metho 
can be encrypt ea w±uix 
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, hnd used C an further be an encryption algorithm 

sKrnzL" a «« . — . 

Different encryption methods oan in such sn embodiment have 

SS-X algorithms - different ^-J^^t. 

n^criotion (EMD) as shown in Figs. 2a and 2b is any gxo 

" h « session Keywords or algorithm identifiers 

^specify the Encryption Method. Unit Encryption State (MS) » 

a symhoi that for each coding unit defines how it rs encrypted. 

in Fig. 3. a flow chart illustrating different steps carried out 

encrypting an image are shown. First in a step 30 an 
i^age to be partially encrypted is received. The rmage "cexved 
rTteP 301 Is then coded using a coding algorithm generating 
i^endently decodahle coding units, e.g. 2000. rn a step 



303. 



.ten 305 some of the coding units of the image coded 
NKtt ; ~303 are encrypted using s«ne suitable encryption method. 

T P 2 The cooing units that are chosen to be encrypted 
such as DES. The cooing „„f„«„ MS Thus, a user con 

can be set in accordance with user *~™^ ordet 
chos e to have coding units ^ units 

bit-Planes etc^ncrypte-^ly^^ _ ^ ^ . 

and the coding units wmcn * 
single bit stream. 

In Fi , 4 , a flow Chart "3^^^"^^ 
wh en transmitting an i—.-"* 4 ~ JL. Thus, a client 
ascribed in <=°«™ % he olie nt ,01 can then issue 

r^To^ts ^ server ,03 for a particular image, step 



405. 



403 replies by transmitting the coding units of the 
The server 403 replies y ^ encrypte d 

ima ge which are not -crypt e d ^ nQW will ha ve 

coding units can be decoded by the cli ^ 
access to a low resolution version or ^ par ^ fc 

this information the client may wish 
Based on this m „ QnlutioI1 or the full image. If so tn 

the image in a higher resolution 
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client transmits a request to the server requesting such 
information, step 409. 

The server replies by sending a request to the client requesting 
the client to agree to the conditions for transmitting the 
higher resolution version of the image, step 411. If the client 
agrees via a message 413, e.g. comprising a card number or 
account number from which to bill the cost for the image, the 
server sends the encrypted coding units together with a key word 
by means of which the encrypted coding units can be decrypted, 
step 415 A secure method for key distribution should be used. 
Examples of such secure methods are described in W. Stallings 
"Data and computer Communications", p 635 -637, Prentice-Hall 
1997 fifth edition ISBN 0-13-571274-2. 

If the client already has access to the unencrypted and 
encrypted coding units, for example if he has purchased a CD-ROM 
with images coded as described herein. The scheme as described 
in conjunction can be modified so that no image data xs 
transmitted. Instead the client only agrees to ^ 
t he server in order to have access to the key word s which are 
required to decrypt the encrypted coding unxts of the CD-ROM. 

in the case when the method and device as described berein is 
US ed when encoding image according to the JPEG 2000^t 
is advantageous if the JPEG 2000 standard does not s ^-dxse 

-on me thods An Encryption Header that xs included xn the 
Z7^T%lZ^™ -cation Tag that is merg* . 1* 
image neau . d to spe cify how codxng 

the JPEG 2000 Tags can xnstead be usea t 

units are decrypted. 

I„ such an embodiment the JPEG 2000 image header contains an 
in such an , £ codlng mlt ls 

^ : ration Header « should then he appended to 
™E0 2000 image header and encryption i^ormatron can 
optionally be merged into JPEG 2000 Tags. 

m Fi9 . s an encryption header is shown. 

L in such an embodiment contain the following symbols. 

SUBSTTTUTE SHEET {RULE 26) 
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1) Encryption 
defined e.g. 



Mode (EM) . A set of standard encryption modes are 



a) One encryption method is used for all coding units 

b) Bitplanes of less significance than bitplane X are encrypted 

c) Subbands of higher resolution than Y are encrypted 

d) ROIs specified in are encrypted, etc. 

No encryption information need to included in the Tags if an EM 
is defined. 

2) Encryption Mode Parameters (EMP) . Parameters (X, Y. ...) that 
are used to define the Encryption Mode are set here. 

3) Number of encryption methods used. Several encryption methods 
can be used within the same image if e.g. different user groups 
should be allowed to see different image content. 

4) One Encryption Method Descriptor (BHD) for each encryption 
method The EMD defines any data that is needed by the 
^ticn/decryption ,odule. The type of ™^«^- 

* a hvnica i use of EMD will be to include a keyword 

i^age c—".- 1 ^*' ^ s number is usea in D ES syr^ols. 
each encryption method. Tms nui. 

s, The bitstrea* m*t for each coding unit one 
encrypted and if so by what ^thod. This is done by setting 

. . state (OES) symbol per coding unit. These 

D mt Encryption S ate I y- encrypC ion header or 

SYmb ols could eithe £^ ^ as encrypti on 

alternatively^ ^ ™ ^ ^ en=rYption header we 

tags. If the UE5 xnioj. consists of 

lomon v _ Encryption State \Et>) . m ^ 
define a header element Encryp order as the 

a series of UBS symbols that are listed m the same 
coding units appears in the bit stream. 

I, EF is set and the Encryption State is not given in the 
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header, JPEG 2000 Tags can be expanded to contain Unit 

f State (DBS) symbols. UES defines which encryption 

ZZ Z any that is used *» encrypting the next coding 

unit. 

«- transform coefficients belonging to a ROI can be bandied as 
iTd above. They can be completely or P-iali™ ted 
by selecting appropriate coding units belonging to tbe ROX 
encryption. 

ft. main problem is that tbe sbape of tbe ROI might 
content. If the shapes are encrypted it is, however drffreult 
to show a reduced ,uality image since it is drffrcult to 
interpret the coded transform coefficients. 

Thi s problem can be solved by defining a so called 

shape <c-3hape, . -s . the Z -signed to 

shape is a bounding box. 

-i or»T in t-he JPEG 2000 bit 
X c-shape is ^\-;Z:7Zre:^on as described in 
stream. The c-shape x coded wit Verification Model 

Charilaos Cbrx^P^J-^' f as described therein 

version 2.0. -cordxng to the techn gu ^ ^ ^ ^ ^ 

this would result m that the snap 
header. 

c-shaoe and the transform 
A masK is created «"*^ ^ u codeQ M d encrypted 
coefficients belonging to the c P . q ^ 

using the method as described here^. T*rs «r ^ 
al l coefficients belonging to any of the ^ ^ 

by the c-shape are encrypted. The text 
protected by encryption. 

Th e Shape of ~ ~ ^^^ST,^ ~ 
encryption header «• ^ che corresp onding c-shape. 
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shaP e can be displayed as a blank region. The original ROIs can 
! r if the keyword is known. This is done by decrypting 

fhe el =ien"rnging to the c-shape. The shape of each ROI 
belonging to the c-shape is also decrypted. The bltstrea* can 
n w be Rearranged so that the c-shape * ^ 
original SOI data structures are restored. Note that this 
done in the compressed domain. 

The mas* that is used for encoding a ROI is not "^f^f 
in JPEG 2000. A mask that is sufficiently large so that the ROI 
is hooded lossless will often cover the whole lower subbands A 
^that is not allowed to expand will lead to a lossy encoding 
7L ROI . The masks belonging to different ROIs or to a ROI 
1 the background can be designed to overlap. Thrs m eans that 
some coefficients are encoded in more than one 

will lead to a reduced overall compression but the ROIs 
overlap will leaa to a accessed and decoded 

are more independent so that any ROI can be accessed an 

with a good visual result. 

-v,,^ f^r- ROIs described herein is not 
T he P«^al encryption me hod^ or ROIs ^ ^ ^ ^ 

dependent of the choree of^ ^constructed from the 

so that the content o a ^ fi ^ £or buil ding a 

content of any other ROI or g described iD charilaos 

M sk that hides the conten £ ^ ^ ^ ^ 
Christopoulos (ed.l, J'B" 

„ ,nd device as described herein storage and 
B y using the method and deTl " encrypted images is 

handwidth "^-"^tasad composition and processing of 
educed. Furthermore, objec based P ^ ^ 
encrypte d objects are f c Ultat ed^ ^ ^ 

mother advantage is ~ 

performed at the «. t-e « ^ „ (aC ch e 

the P-ess take place ^ • ^ ^ ^ „ ithout 
bitstream syntax) P forme d just before 

encryption. The -f^"" ltraIlsco der. . In this case, 
transmitting the image by a parser Itr 
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a =o« the bitrate, which will be the case 
if the encryption increases the bitr & ^ 

if the encryption is placed m the TAGS 

is avoided and the encryption information is oniy 

transmitting it. 
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CLAIMS 



I. x method of partially encrypting image data comprising the 

fccl^'the image data using an encoding algorithm generating 

independently decodable coding units, 

- encrypting at leant one of the coding units, and 

. merg^g elding units which are not encrypted with codmg un.es 

which are encrypted into a combined bitstream. 

A method according to dais, 1, character!*** in that the not 
encrypted coding units correspond to a low resolution versron of 
the image data. 

3 A method according to any of claims 1-2, characterised in 
Lt oifferent coding units are encrypted using different cooamg 

methods . 

4 a method according to any of claims 1 - 3. characterise* in 
that an encryption flag, which indicates if a cooxng unrt .„ 
encrypted, is inserted in the bit stream. 

- n ■ • i - a when information 

5 . a »-- r ^ g —f I^sTis encrypted, 
VZ'^TZ Z that'the shape of the region of interest rs 
enclosed in a cloaking shape. 

, ,^ial encryption of image data characterized 

6 . a. device for partial encrypt 

^s for coding the image data according to an encoding 

- means for coding decodable coding units, 
algorithm generating independently decoda » ^ 

- Lans connected to the coding means for encryp 

one of the coding units, and encrypted with 

. i-nrfincr units whxen are not ^ -£ ^ 

- ffl eans for merging codX ^ ^ a cofflbined bi tstream. 
coding units which are encrypted, as 

„< na to claim 6, characterized by means for 
7. A. device according to claim , corresponding 
selecting the not encrypted coding units as un 
to a low resolution version of the .mage data. 
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S A device according to any of claims 6-7, *» 
4e^ for-mncrypting ««—* ^ US1 "' ^ 

coding metixods. 

, A device according to any of claims 6 - 8. T 
«ans for inserting an encryption flag, wnicn Rentes if 
coain, unit is ancryptad, in the bit stream. 

« A device according to any of claims 6-9. cnar.otari.ed >, 
10. A aevice a ^ interest shape in a cloaking 

means for enclosing a regxon of interest snap 



shape. 
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